[arch-commits] Commit in (4 files)

Massimiliano Torromeo via arch-commits Wed, 20 May 2020 00:50:09 -0700

    Date: Wednesday, May 20, 2020 @ 07:49:02
  Author: mtorromeo
Revision: 630373


Added softhsm as checkdepends for sssd

Added:
  softhsm/
  softhsm/trunk/
  softhsm/trunk/PKGBUILD
  softhsm/trunk/softhsm-2.6.1-rh1831086-exit.patch

------------------------------------+
 PKGBUILD                           |   58 ++++++++++++++++++++++++++++
 softhsm-2.6.1-rh1831086-exit.patch |   72 +++++++++++++++++++++++++++++++++++
 2 files changed, 130 insertions(+)

Added: softhsm/trunk/PKGBUILD
===================================================================
--- softhsm/trunk/PKGBUILD                              (rev 0)
+++ softhsm/trunk/PKGBUILD      2020-05-20 07:49:02 UTC (rev 630373)
@@ -0,0 +1,58 @@
+# Maintainer: Massimiliano Torromeo <massimiliano.torro...@gmail.com>
+# Contributor: Javier Torres <javitonino [at] gmail [dot] com>
+
+pkgname=softhsm
+pkgver=2.6.1
+pkgrel=1
+pkgdesc="Software PKCS#11 store"
+arch=('x86_64')
+url="https://www.opendnssec.org/softhsm/";
+license=('BSD')
+depends=('botan' 'sqlite3' 'openssl' 'p11-kit')
+checkdepends=('cppunit')
+backup=("etc/softhsm2.conf")
+options=(!libtool)
+source=("https://dist.opendnssec.org/source/$pkgname-$pkgver.tar.gz"{,.sig}
+        "softhsm-2.6.1-rh1831086-exit.patch")
+sha256sums=('61249473054bcd1811519ef9a989a880a7bdcc36d317c9c25457fc614df475f2'
+            'SKIP'
+            '163338a73ab1bcc475e07b96f054d3c8f67ac9d2637b8f74ddaa97aa6b4171e1')
+validpgpkeys=('4D0388CE86BB398B387B663041F623BE4FCB0B94')
+
+build() {
+  cd "$srcdir/$pkgname-$pkgver"
+  patch -p1 -i "$srcdir/softhsm-2.6.1-rh1831086-exit.patch"
+  sed -i 's:^full_libdir=":#full_libdir=":g' configure.ac
+  sed -i "s:libdir)/@PACKAGE@:libdir):" Makefile.in
+  autoreconf -vfi
+  ./configure \
+    --prefix=/usr \
+    --libdir=/usr/lib/pkcs11 \
+    --datarootdir=/usr/share \
+    --localstatedir=/var \
+    --sysconfdir=/etc \
+    --with-p11-kit=/usr/share/p11-kit/modules/ \
+    --with-migrate \
+    --enable-visibility \
+    --enable-ecc \
+    --enable-eddsa \
+    --disable-gost
+  make
+}
+
+check() {
+  cd "$srcdir/$pkgname-$pkgver"
+  make check
+}
+
+package() {
+  cd "$srcdir/$pkgname-$pkgver"
+  make DESTDIR="$pkgdir/" install
+  install -Dm0644 "LICENSE" "$pkgdir/usr/share/licenses/softhsm/LICENSE"
+  rm "$pkgdir/etc/softhsm2.conf.sample"
+
+  cd "$pkgdir/usr/lib"
+  install -dm0755 softhsm
+  ln -s pkcs11/libsofthsm2.so softhsm/
+  ln -s pkcs11/libsofthsm2.so
+}

Added: softhsm/trunk/softhsm-2.6.1-rh1831086-exit.patch
===================================================================
--- softhsm/trunk/softhsm-2.6.1-rh1831086-exit.patch                            
(rev 0)
+++ softhsm/trunk/softhsm-2.6.1-rh1831086-exit.patch    2020-05-20 07:49:02 UTC 
(rev 630373)
@@ -0,0 +1,72 @@
+diff --git a/src/lib/crypto/OSSLCryptoFactory.cpp 
b/src/lib/crypto/OSSLCryptoFactory.cpp
+index 32daca2..ace4bcb 100644
+--- a/src/lib/crypto/OSSLCryptoFactory.cpp
++++ b/src/lib/crypto/OSSLCryptoFactory.cpp
+@@ -226,31 +226,49 @@ err:
+ // Destructor
+ OSSLCryptoFactory::~OSSLCryptoFactory()
+ {
+-#ifdef WITH_GOST
+-      // Finish the GOST engine
+-      if (eg != NULL)
++      bool ossl_shutdown = false;
++
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
++      // OpenSSL 1.1.0+ will register an atexit() handler to run
++      // OPENSSL_cleanup(). If that has already happened we must
++      // not attempt to free any ENGINEs because they'll already
++      // have been destroyed and the use-after-free would cause
++      // a deadlock or crash.
++      //
++      // Detect that situation because reinitialisation will fail
++      // after OPENSSL_cleanup() has run.
++      (void)ERR_set_mark();
++      ossl_shutdown = !OPENSSL_init_crypto(OPENSSL_INIT_ENGINE_RDRAND, NULL);
++      (void)ERR_pop_to_mark();
++#endif
++      if (!ossl_shutdown)
+       {
+-              ENGINE_finish(eg);
+-              ENGINE_free(eg);
+-              eg = NULL;
+-      }
++#ifdef WITH_GOST
++              // Finish the GOST engine
++              if (eg != NULL)
++              {
++                      ENGINE_finish(eg);
++                      ENGINE_free(eg);
++                      eg = NULL;
++              }
+ #endif
+ 
+-      // Finish the rd_rand engine
+-      ENGINE_finish(rdrand_engine);
+-      ENGINE_free(rdrand_engine);
+-      rdrand_engine = NULL;
++              // Finish the rd_rand engine
++              ENGINE_finish(rdrand_engine);
++              ENGINE_free(rdrand_engine);
++              rdrand_engine = NULL;
+ 
++              // Recycle locks
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
++              if (setLockingCallback)
++              {
++                      CRYPTO_set_locking_callback(NULL);
++              }
++#endif
++      }
+       // Destroy the one-and-only RNG
+       delete rng;
+ 
+-      // Recycle locks
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+-      if (setLockingCallback)
+-      {
+-              CRYPTO_set_locking_callback(NULL);
+-      }
+-#endif
+       for (unsigned i = 0; i < nlocks; i++)
+       {
+               MutexFactory::i()->recycleMutex(locks[i]);

[arch-commits] Commit in (4 files)

Reply via email to